1

I mean, say you were writing professional grade software that would involve sensitive client information. (Take this in the context of me being an amateur programmer.)

Would you use hashlib and hmac? Are they good enough to secure data? Or would you write something fancier by hand?

Edit: In context of those libraries containing more or less the best hashing algorithms in the world, I guess it's silly to ask if you'd "write something fancier."

What I'm really asking here is whether it's enough on its own.

temporary_user_name
  • Good enough for what? Sensitive client information is incredibly vague, are we talking typical private data, financial data, or nuclear weapons launch codes? – yannis Nov 25 '12 at 09:37
  • LOL I meant...in general. Normal programming. Not the latter. – temporary_user_name Nov 25 '12 at 15:12
  • Not sure about how good they are, but to answer the second question: `would you write something fancier by hand?` The answer to that is never. You (and I) are not security experts; the chance of getting something subtle wrong is just too high. You should **NEVER** write your own encryption software (unless that is your specific job); always get a good, well-tested, available package to do it. – Martin York Nov 26 '12 at 01:26

1 Answer

3

The pre-built library is almost certainly more secure than something you will write yourself. Writing security libraries like these is very difficult to do correctly without making any mistakes. The team of developers that made it probably have a lot more experience in this sort of thing than the average developer. Those libraries are also more "battle-tested" than something you'd write yourself. You should definitely use pre-built libraries instead of doing it yourself.

There's a lot to keep in mind when trying to do something securely though. It's possible to use the most secure tools and libraries, but combine them in a way that isn't secure. This is more likely than the core libraries themselves being insecure. This is why you want to keep everything as simple as possible, even when using secure libraries and tools.

Oleksi
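
As an added illustration of the answer's point that secure libraries can be combined insecurely (this is not code from the original post; the function names and the iteration count are assumptions), here are two weak uses of Python's standard `hashlib` and `hmac` modules beside hardened ones:

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for your hardware


def weak_password_hash(password: str) -> str:
    # Secure primitive, insecure use: fast and unsalted, so equal passwords
    # give equal hashes and offline guessing is cheap.
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password: str, salt: bytes = b""):
    # Per-user random salt plus a deliberately slow key-derivation function.
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)  # constant-time comparison


def weak_tag(key: bytes, message: bytes) -> str:
    # Ad-hoc "MAC": SHA-256 over key || message is open to length extension.
    return hashlib.sha256(key + message).hexdigest()


def make_tag(key: bytes, message: bytes) -> bytes:
    # HMAC is the construction designed for keyed message authentication.
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(make_tag(key, message), tag)


if __name__ == "__main__":
    salt, stored = hash_password("correct horse")  # constructed sample input
    print(verify_password("correct horse", salt, stored))
    key = os.urandom(32)
    tag = make_tag(key, b"amount=10")  # constructed sample message
    print(verify_tag(key, b"amount=10", tag), verify_tag(key, b"amount=99", tag))
```
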